[dns-operations] McAfee contacts? Nameserver emitting CLASS0 SOA responses, crashes 'dig', makes PowerDNS log odd errors
Keith Mitchell
keith at isc.org
Wed Dec 8 19:22:22 UTC 2010
bert hubert wrote:
> $ dig -t ipseckey 0.11-234343.avqs.mcafee.com +trace
> ...
> avqs.mcafee.com. 86400 IN NS local.cloud.mcafee.com.
> ;; Received 71 bytes from 193.108.91.2#53(ns1-2.akam.net) in 1 ms
>
> Segmentation fault
> (!)
>
> It appears that McAfee is sending out class=0 NXDOMAINS SOA records (on
> another system with a different 'dig'):
>
> ;; Warning: Message parser reports malformed message packet.
> avqs.mcafee.com. 600 RESERVED0 SOA mcafee.com. hostmaster. 1291809121 1800 600 604800 600
> ;; Received 102 bytes from 81.173.111.74#53(local.cloud.mcafee.com) in 22 ms
>
> Unfortunately, this condition triggers an error message in the PowerDNS
> Recursor, which in turn generates around 10 log messages/second on some busy
> installations with customers generating these lookups.
>
> Since this situation also confuses/crashes 'dig'
Just to confirm we've opened a BIND ticket to look into this dig bug.
Keith
More information about the dns-operations
mailing list